CVE-2023-2900

Name of the Vulnerable Software and Affected Versions NFine Rapid Development Platform version 20230511

Description A problematic issue has been found, affecting an unknown function of the file /Login/CheckLogin, which leads to the use of a weak hash. This issue can be exploited remotely, but the complexity of an attack is rather high and the exploitability is difficult. The exploit has been disclosed to the public.

Recommendations For NFine Rapid Development Platform version 20230511, consider restricting access to the /Login/CheckLogin file until a fix is available, as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.